Thorough testing of integrated technologies/ practices and obtain completion sign-off
REMTCS specializes in assisting businesses of all sizes with establishing or revising security and risk management processes to adhere to the National Industrial Security Program (NISP), NIST 800-53r4 and 800-171, Risk Management Framework (RMF), International Traffic in Arms Regulations (ITAR), Foreign Ownership Control or Influence (FOCI), and Export Administration Regulations (EAR).
Acceptable processes are critical to gaining a new defense contractor’s initial Facility Security Clearance (FCL), or for responding to an unfavorable assessment from Defense Counterintelligence and Security Agency (DCSA) or other government agencies. We provide guidance to our clients using our unique and proven risk analysis method and experienced and certified staff to ensure that you get your business cleared and keep that clearance.
REMTCS will work with your management and employees to learn your business model, align with NISPOM, RMF, ITAR, EAR or other applicable regulatory requirements, and tailor a facility security, information security, risk management, and auditing model that meets the necessary compliance threshold in a cost-effective manner.
The myriad of documents and plans necessary to achieve compliance can be daunting. We can provide support by creating or reviewing the policies, plans, and procedures you need to satisfy your regulatory body. Some of the documents we create for our clients on a regular basis are:
NIST 800-171 or 800-53r4 based System Secuty Plan (SSP) for organizational contractor information systems
Risk Management Framework (RMF) based SSP for classified systems
Insider Threat Program (ITP) development
Electronic Communications Plan (ECP)
Technology Control Plan (TCP)
Affiliated Operations Plan (AOP)
Import / Export Control Procedures
Standard Practice Procedures for Security (SPP)
FOCI Mitigation Agreements (SCA, SSA, Proxy, and VT)
Identify Key Milestones
System and Architecture Analysis
Review Current Environment
Gather Application Requirement
Life Cycle Planning
Extensive qualification of business needs and development of detailed plan
Build Architecture that meets correlates with Needs Analysis
Perform Testing “dry runs”
Implement required changes
Installation of required new components (software, hardware, policies) in production environment